dhcpcd suid
Hi,
I want to give users the ability to release and renew ip from the dhcp server (my router). I set dhcpcd suid: chmod u+s /sbin/dhcpcd This has worked, but does anyone know if this poses a major security risk/problem? Thanks |
does anyone know if this poses a major security risk/problem
You're introducing a setuid-root binary where it isn't necessary: use sudo instead. Sudo allows you to have an audit trail of who executed what commands and if you don't trust users make sudo execute a wrapper script for the command. |
Quote:
|
I don't know what a wrapper script is
It is just what it is: a "wrapper" around a command. Say for instance you allow users access to some command but it requires some basic logic, like first stopping then starting, or making sure the arguments are in the right order, or any arguments you can't get /etc/sudoers to work with, basically any stuff users should not try and fsck up. |
All times are GMT -5. The time now is 09:15 PM. |